<!-- MHonArc v2.4.4 -->
<!--X-Subject: [MUD-Dev] PGP confusions hopefully resolved (was: collecting ideas ...) -->
<!--X-From-R13: "Irfyrl I. Frecfgen" <grecfgenNvbgn.quf.bet> -->
<!--X-Date: Thu, 23 Dec 1999 09:00:55 -0800 -->
<!--X-Message-Id: Pine.LNX.3.96.991223040024.2202B-100000#maul,sith.vpn -->
<!--X-Content-Type: text/plain -->
<!--X-Reference: E120xbW-0001hn-00#under,eng.cp.net -->
<!--X-Head-End-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<title>MUD-Dev message, [MUD-Dev] PGP confusions hopefully resolved (was: collecting i</title>
<!-- meta name="robots" content="noindex,nofollow" -->
<link rev="made" href="mailto:terpstra#iota,dhs.org">
</head>
<body background="/backgrounds/paperback.gif" bgcolor="#ffffff"
text="#000000" link="#0000FF" alink="#FF0000" vlink="#006000">
<font size="+4" color="#804040">
<strong><em>MUD-Dev<br>mailing list archive</em></strong>
</font>
<br>
<br clear=all><hr>
<!--X-Body-Begin-->
<!--X-User-Header-->
<!--X-User-Header-End-->
<!--X-TopPNI-->
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
<H1>[MUD-Dev] PGP confusions hopefully resolved (was: collecting ideas ...)</H1>
<HR>
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
<UL>
<LI><em>To</em>: <A HREF="mailto:mud-dev#kanga,nu">mud-dev#kanga,nu</A></LI>
<LI><em>Subject</em>: [MUD-Dev] PGP confusions hopefully resolved (was: collecting ideas ...)</LI>
<LI><em>From</em>: "Wesley W. Terpstra" <<A HREF="mailto:terpstra#iota,dhs.org">terpstra#iota,dhs.org</A>></LI>
<LI><em>Date</em>: Thu, 23 Dec 1999 04:40:26 -0800 (PST)</LI>
<LI><em>Reply-To</em>: <A HREF="mailto:mud-dev#kanga,nu">mud-dev#kanga,nu</A></LI>
<LI><em>Sender</em>: <A HREF="mailto:mud-dev-admin#kanga,nu">mud-dev-admin#kanga,nu</A></LI>
</UL>
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<HR>
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
<PRE>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There has been much confusion on what I was talking about with respect to
using pgp for player certificates. I was, admittedly, exceedingly unclear in
my original post. Now, after discussion, I have the ideas all straightened
out and would like to clear up confusion.

1 - I never intended to use this for encrypting anything.
2 - I am storing all character information on the player's system.
3 - The user never touches pgp himself.
4 - The client program never touches pgp itself.
5 - Only the servers (rings) use pgp.
6 - Servers verify character information integrity by checking the
    signatures on the stats and they may choose to accept stats signed by
    other servers.

For a sketch of how this server-server trust works, see:
Subject: PGP player certificates (was: collecting ideas...)
Message-ID: <<A HREF="msg00753.html">Pine.LNX.3.96.991222190724.836A-100000#maul,sith.vpn</A>>,

- ---

On Wed, 22 Dec 1999, Rahul Sinha wrote:
> > certificates about players so their characters can move from one
> > server to another w/o the two servers ever talking directly.
> servers talking is much better than trusting the client. Clients can be
> reverse-engineered...

Yes clients can. However, this buys the hacker nothing. Because character
data is signed, they can not forge data. Because the server records
a hash of the last certificate issued, players cannot drop changes w/o the
server rejecting future connections.

On Wed, 22 Dec 1999, J C Lawrence wrote:
> PGP in this context purely establishes a "web of trust" and then a
> protocol for secure identification (ie auditable and to some extent
> guaranteed modulo key trust concerns). In essence this is exactly
> the same thing SSH does with its public key authentication ala
> authorized_keys, just using a PGP wrapper instead of SSH.

Yes, I am building a web of trust that I use only to verify data about
players. Yes, ssh is used to authenticate two initially untrusted entities
and then transmit encrypted traffic. Unlike ssh, the entities I have
communicating never trust each other. They never even authenticate each
other (although this could be added).

The only real trust in my system is server-server (ring-ring).

Users only trust the server to show them a good time and update their
character. They can reject a server's changes at the expense of never
reconnecting.

Servers only trust the user insofar as it can verify that the character
stats are from a reputable source.

On Wed, 22 Dec 1999, J C Lawrence wrote:
> His discussion of the weaknesses for Public Key Infrastructure also
> indirectly pertains to the recent idea of PGP's webs-of-trust among
> MUD servers:
>
> <A HREF="http://www.counterpane.com/pki-risks.html">http://www.counterpane.com/pki-risks.html</A>

I just finished reading this. I don't believe it applies to a web of trust
among MUD servers. There is no CA. It's every server for himself! Of
course, it's late and I could be missing it. :-)

- ---

This is the last I am going to say about using pgp player info certificates
unless people are still interested. However, I get the feeling the
interest level for this system is not high on this list. :-)

I like it and will probably implement it or some derivation.

Now on to other things, like Christmas and reading JC's C&C & lockless
model.

- ---
E-mail: terpstra#interchange,ubc.ca Host: iota.dhs.org
PGP key: hkp://wwwkeys.us.pgp.net/terpstra#interchange,ubc.ca
<A HREF="http://www.iota.dhs.org/pgp-keys/terpstra.pgp">http://www.iota.dhs.org/pgp-keys/terpstra.pgp</A>
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Comment: Made with pgp4pine 1.71b
Charset: noconv
iQA/AwUBOGIYPqYi3MeZ5h2mEQJqmACeMNkv1pjCBz0TyQ8y/uIEpRhDqbQAn3H1
XwVBcoRUNpn5RrVSr93AB5hy
=7O6O
-----END PGP SIGNATURE-----
</PRE>
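<P>The scheme described in the message above, as an added sketch that is not part of the original post or the author's code: a ring signs character stats, another ring accepts them only from issuers it trusts, and the issuing ring remembers the hash of the last certificate it issued so an older one is refused. Toy textbook RSA stands in for PGP signatures; the Ring class, field names, keys and sample characters are assumptions, and how a ring treats a newer certificate from a different ring is not covered.</P>

```python
import hashlib, json

def make_key(p, q, e=65537):  # toy textbook RSA standing in for a ring's PGP key; NOT secure
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def digest(stats):  # canonical JSON so every ring hashes the same bytes
    return hashlib.sha256(json.dumps(stats, sort_keys=True).encode()).hexdigest()

def sign(key, stats):
    return pow(int(digest(stats), 16) % key["n"], key["d"], key["n"])
def verify(pub, stats, sig):
    return pow(sig, pub["e"], pub["n"]) == int(digest(stats), 16) % pub["n"]

class Ring:  # hypothetical server ("ring"); class and field names are assumptions
    def __init__(self, name, key):
        self.name, self.key = name, key
        self.trusted = {name: key}  # issuer -> key whose signatures this ring accepts
        self.last_issued = {}       # character -> hash of the last certificate issued here

    def trust(self, other):  # store only the public half of the other ring's key
        self.trusted[other.name] = {"n": other.key["n"], "e": other.key["e"]}

    def issue(self, stats):
        self.last_issued[stats["name"]] = digest(stats)
        return {"issuer": self.name, "stats": stats, "sig": sign(self.key, stats)}

    def accept(self, cert):
        pub = self.trusted.get(cert["issuer"])
        if pub is None:
            return "reject: untrusted issuer"
        if not verify(pub, cert["stats"], cert["sig"]):
            return "reject: bad signature"
        # Rollback check (own certificates only): must match the last one issued here.
        last = self.last_issued.get(cert["stats"]["name"])
        if cert["issuer"] == self.name and last != digest(cert["stats"]):
            return "reject: stale certificate"
        return "accept"

def demo():  # constructed sample data; keys are built from known Mersenne primes
    a = Ring("ring-a", make_key(2**127 - 1, 2**89 - 1))
    b = Ring("ring-b", make_key(2**107 - 1, 2**61 - 1))
    b.trust(a)  # b accepts a's signatures; a does not accept b's
    old = a.issue({"name": "thorin", "level": 5})
    forged = dict(old, stats={"name": "thorin", "level": 99})
    new = a.issue({"name": "thorin", "level": 4})  # a change the player would like to drop
    return [b.accept(old), b.accept(forged), a.accept(old), a.accept(new)]

if __name__ == "__main__":
    print(demo())
```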
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<HR>
<!--X-Follow-Ups-End-->
<!--X-References-->
<UL><LI><STRONG>References</STRONG>:
<UL>
<LI><STRONG><A NAME="00748" HREF="msg00748.html">Re: [MUD-Dev] Collecting ideas for a MUD server... (fwd)</A></STRONG>
<UL><LI><EM>From:</EM> J C Lawrence <claw#cp,net></LI></UL></LI>
</UL></LI></UL>
<!--X-References-End-->
<!--X-BotPNI-->
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
<hr>
<hr>
</body>
</html>